From b193cabc8b9581e004c278235fbfead9be140163 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 9 Sep 2022 10:42:15 +0000
Subject: [PATCH] Bump arbitrary from 1.1.4 to 1.1.5 in /bin/fuzz (#2729)
Bumps [arbitrary](https://github.com/rust-fuzz/arbitrary) from 1.1.4 to
1.1.5.
Changelog
Sourced from arbitrary's
changelog.
1.1.5
Released 2022-09-20.
Added
- Implemented
Arbitrary for
std::ops::Bound<T>.
Fixed
- Fixed a bug where
Unstructured::int_in_range could
return out-of-range
integers when generating arbitrary signed integers.
Commits
b73c092
Bump to version 1.1.56dfff42
Merge pull request #123
from fitzgen/fix-int-in-range-once-and-for-all-hopefullybf5d9c0
Run the int_in_range fuzzer in CIeb9b125
Fix docs for int_in_range and its panic condition75c4ddb
Fix int_in_range with signed integersa5f7707
Add a test for int_in_range generating unsigned
integers8d02074
Add a fuzz target for Unstructured::int_in_rangefc5b798
Merge pull request #121
from fitzgen/bounda318c6a
Implement Arbitrary for std::ops::Bound- See full diff in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
---
bin/fuzz/Cargo.lock | 15 ++++++++-------
bin/fuzz/Cargo.toml | 2 +-
2 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/bin/fuzz/Cargo.lock b/bin/fuzz/Cargo.lock
index 95887d59e2..d620377858 100644
--- a/bin/fuzz/Cargo.lock
+++ b/bin/fuzz/Cargo.lock
@@ -65,9 +65,9 @@ checksum = "08f9b8508dccb7687a1d6c4ce66b2b0ecef467c94667de27d8d7fe1f8d2a9cdc"
[[package]]
name = "arbitrary"
-version = "1.1.4"
+version = "1.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8931eb436ab9bf1980c6cb2b9d1ba5390cd6793b2c6e2d2ea8147da3570c2a2e"
+checksum = "5b0d87f4e4aaa9f3a00706edc7cbbeab0e3cc45ff1062b1160bc0204d6481ad4"
[[package]]
name = "arrayref"
@@ -1731,9 +1731,9 @@ dependencies = [
[[package]]
name = "sha2"
-version = "0.10.3"
+version = "0.10.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "899bf02746a2c92bf1053d9327dadb252b01af1f81f90cdb902411f518bc7215"
+checksum = "cf9db03534dff993187064c4e0c05a5708d2a9728ace9a8959b77bedf415dac5"
dependencies = [
"cfg-if",
"cpufeatures",
@@ -1769,11 +1769,12 @@ checksum = "2fd0db749597d91ff862fd1d55ea87f7855a744a8425a64695b6fca237d1dad1"
[[package]]
name = "smoldot"
-version = "0.3.0"
+version = "0.4.0"
dependencies = [
"arrayvec 0.7.2",
"async-std",
"atomic",
+ "base64",
"bip39",
"blake2-rfc",
"bs58",
@@ -1805,7 +1806,7 @@ dependencies = [
"schnorrkel",
"serde",
"serde_json",
- "sha2 0.10.3",
+ "sha2 0.10.5",
"siphasher",
"slab",
"smallvec",
@@ -1841,7 +1842,7 @@ dependencies = [
"curve25519-dalek 4.0.0-pre.1",
"rand_core 0.6.3",
"rustc_version",
- "sha2 0.10.3",
+ "sha2 0.10.5",
"subtle",
]
diff --git a/bin/fuzz/Cargo.toml b/bin/fuzz/Cargo.toml
index 1cfd4fa2a0..9e3f6dc620 100644
--- a/bin/fuzz/Cargo.toml
+++ b/bin/fuzz/Cargo.toml
@@ -9,7 +9,7 @@ edition = "2018"
cargo-fuzz = true
[dependencies]
-arbitrary = "1.1.4"
+arbitrary = "1.1.5"
fnv = { version = "1.0.7", default-features = false }
hashbrown = { version = "0.12.3", default-features = false }
libfuzzer-sys = "0.4"